X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fquick-charge.cgi;h=8f0e424718df810e70ad0172ef1fba794221874d;hb=0376f47e1ec2ec9b8702a0e6c5146af9c66beb5e;hp=70778c1cc0d09537ffe2564e2403021c6039694c;hpb=c8cccb4a92adceb943c635fe62dad0d034462ce0;p=freeside.git diff --git a/httemplate/edit/process/quick-charge.cgi b/httemplate/edit/process/quick-charge.cgi index 70778c1cc..8f0e42471 100644 --- a/httemplate/edit/process/quick-charge.cgi +++ b/httemplate/edit/process/quick-charge.cgi @@ -1,43 +1,72 @@ -% -% -%#untaint custnum -%$cgi->param('custnum') =~ /^(\d+)$/ -% or die 'illegal custnum '. $cgi->param('custnum'); -%my $custnum = $1; -% -%$cgi->param('amount') =~ /^\s*(\d+(\.\d{1,2})?)\s*$/ -% or die 'illegal amount '. $cgi->param('amount'); -%my $amount = $1; -% -%my( $error, $cust_main); -%if ( $cgi->param('taxclass') eq '(select)' ) { -% -% -% $error = 'Must select a tax class'; -%} else { -% -% my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) -% or die "unknown custnum $custnum"; -% -% $error = $cust_main->charge( -% $amount, -% $cgi->param('pkg'), -% '$'. sprintf("%.2f",$amount), -% $cgi->param('taxclass') -% ); -% -%} -% -%if ($error) { -% - - -% -% eidiot($error); -%} else { -% print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum" ); -%} -% -% +% if ( $error ) { +% $cgi->param('error', $error ); +<% $cgi->redirect($p.'quick-charge.html?'. $cgi->query_string) %> +% } else { +<% header("One-time charge added") %> + + +% } +<%init> +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('One-time charge'); +my $error = ''; +my $conf = new FS::conf; +my $param = $cgi->Vars; + +my @description = (); +for ( my $row = 0; exists($param->{"description$row"}); $row++ ) { + push @description, $param->{"description$row"} + if ($param->{"description$row"} =~ /\S/); +} + +$param->{"custnum"} =~ /^(\d+)$/ + or $error .= "Illegal customer number " . $param->{"custnum"} . " "; +my $custnum = $1; + +$param->{"amount"} =~ /^\s*(\d*(?:\.?\d{1,2}))\s*$/ + or $error .= "Illegal amount " . $param->{"amount"} . " "; +my $amount = $1; + +my $quantity = 1; +if ( $cgi->param('quantity') =~ /^\s*(\d+)\s*$/ ) { + $quantity = $1; +} + +$param->{'tax_override'} =~ /^\s*([,\d]*)\s*$/ + or $error .= "Illegal tax override " . $param->{"tax_override"} . " "; +my $override = $1; + +if ( $param->{'taxclass'} eq '(select)' ) { + $error .= "Must select a tax class. " + unless ($conf->exists('enable_taxproducts') && + ( $override || $param->{taxproductnum} ) + ); + $cgi->param('taxclass', ''); +} + +unless ( $error ) { + my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) + or $error .= "Unknown customer number $custnum. "; + + $error ||= $cust_main->charge( { + 'amount' => $amount, + 'quantity' => $quantity, + 'start_date' => ( scalar($cgi->param('start_date')) + ? str2time($cgi->param('start_date')) + : '' + ), + 'pkg' => scalar($cgi->param('pkg')), + 'setuptax' => scalar($cgi->param('setuptax')), + 'taxclass' => scalar($cgi->param('taxclass')), + 'taxproductnum' => scalar($cgi->param('taxproductnum')), + 'tax_override' => $override, + 'classnum' => scalar($cgi->param('classnum')), + 'additional' => \@description, + } ); +} + +